Description

Praise for COSO Enterprise Risk Management

"COSO ERM is a thoughtful introduction to the challenges of risk management at the enterprise level and contains a wealth of information on dealing with it through the use of the COSO framework. Detailed procedures covering a wide variety of situations are followed by a thorough explanation of how each is deployed. As a project management professional, I appreciate how the author addresses the need for risk management at a project level. His background as someone who 'practices what they preach' and realizes the impact of the Sarbanes-Oxley auditing rules comes through clearly in the book, and it should be mandatory reading for anyone seeking to understand how to tackle their own ERM issues." --Greg Gomel, PMP, CQM, CSQE, ITIL, Director, Project Management, Insight North America

"This volume clearly and comprehensively outlines the usefulness of COSO Enterprise Risk Management guidance. It should provide considerable benefit to those having governance responsibilities in this important area." --Curtis Verschoor, L & Q Research Professor, School of Accountancy and MIS, DePaul University, Chicago

Today's companies are expected to manage a variety of risks that would have been unthinkable a decade ago. More than ever, it is vital to understand the dimensions of risk as well as how to best manage it to gain a competitive advantage.

COSO Enterprise Risk Management clearly enables organizations of all types and sizes to understand and better manage their risk environments and make better decisions through use of the COSO ERM framework.

A pragmatic guide for integrating ERM with COSO internal controls, this important book:

Offers you expert advice on how to carry out internal control responsibilities more efficiently

Updates you on the ins and outs of the COSO Report and its emergence as the new platform for understanding all aspects of risk in today's organization

Shows you how an effective risk management program, following COSO ERM, can help your organization to better comply with the Sarbanes-Oxley Act

Knowledgeably explains how to implement an effective ERM program

COSO Enterprise Risk Management is the invaluable working resource that will show you how to identify risks, avoid pitfalls within your corporation, and keep it moving ahead of the competition.

About the Author

Robert R. Moeller, CPA, CISA, CISSP, is an internal audit specialist and project manager with a strong understanding of information systems, corporate governance, and security. He has over twenty-five years of experience in internal auditing, ranging from launching new internal audit functions in several companies to serving as audit director for a Fortune 50 corporation. He held positions with Grant Thornton (national director of computer auditing) and Sears Roebuck (audit director). A frequently published author and professional speaker, he provides insights into many of the new rules impacting internal auditors today as well as the challenges audit committees face when dealing with Sarbanes-Oxley, internal controls, and their internal auditors.

Effective IT Continuity Planning.

Worms, Viruses, and System Network Risks.

IT and Effective ERM Processes.

Chapter 12. Establishing an Effective Risk Culture.

First Steps to Launching the Culture – An Example.

Promoting the Concept of Enterprise Risk.

Building the COSO ERM Culture: Risk-Related Education Programs.

Keeping the Risk Culture Current.

Chapter 13. ERM Worldwide.

ERM "Standards" Versus an ERM Framework.

ERM and ISO.

Convergence of Risk Management Standards and Practices.

Chapter 14. COSO ERM Going Forward.

Future Prospect for COSO ERM.

COSO ERM and ISO.

Learning More about Risk Management.

ERM: New Professional Opportunities.

Index.

"In the book…Robert Moeller aims to help business professionals at all levels-from staff internal auditors to corporate board members-understand risk management and make effective use of the COSO ERM framework. In COSO Moeller identifies the processes and guidance required to become better at evaluating, embracing, and managing business uncertainties and risks in order to protect and enhance enterprise value." (Strategic Finance, June 2009)